<?php
class Adminsession {
    private function getUserPassword($username) {
        $sql = "SELECT
                    password
                FROM
                    user
                WHERE
                    username = '" . $username . "'";
        try {
            $result = $this->db->query($sql);
            $result = $this->db->fetch_object($result);
            return $result->password;
        } catch (Exception $e) {
            #$this->db->raise_error();
            return false;
        }
        return false;
    }

    public function login($username, $password) {
        if ($this->getUserPassword($username) == md5($password)) {
            session_register("admin");
            $_SESSION['admin'] = $username;
            return true;
        } else {
            session_unregister("admin");
            session_destroy();
            return false;
        }
    }

    public function logout() {
        session_unregister("admin");
        session_destroy();
        return true;
    }
}
?>